Vulnerability Leader: Google

Wednesday, November 16, 2011 @ 07:11 AM gHale

Google took over first place in having the largest number of reported vulnerabilities in its products, according to the latest quarterly Threat Roundup from Trend Micro.

Total reported vulnerabilities increased from 901 in the second quarter of 2011 to 990 in the third quarter, and Google’s quota jumped from 65 to 82 to put the firm into the top spot ahead of Oracle and Microsoft.

The number of reported Microsoft vulnerabilities fell from 96 to 58, while Oracle saw a spike from 50 to 63, placing it in second place.

The jump in Google security problems mainly came from the Chrome browser, but that none of the flaws in Chrome was as severe as those in Microsoft products, Trend Micro said.

“The increase in the number of attacks targeting Chrome may primarily be due to the browser’s increasing use and popularity,” the report said.

“The speed at which Chrome is developed, which limits the amount of time for internal and external bug testing prior to product release, may have something to do with Google’s rise in the ranking as well.”

Trend Micro put Oracle’s jump in the rankings down to the firm’s acquisition of Sun and specifically Java, as well as the fact that “Oracle’s codebase is rather large and complicated to maintain”.

Elsewhere, the Threat Roundup reported another rise in Android malware in the Android market and third-party app stores.

The first, ANDROIDOS_DORDRAE.N, was in a Chinese third-party app store. The DroidDreamLight variant can steal information such as call logs, text messages and Google account details.

The security vendor also discovered several new pieces of Android malware over the course of the quarter, designed to steal information or make the hacker money by abusing premium rate services without the owner’s consent.